Does f(x) Builder have any unpatched vulnerabilities?

No. All known vulnerabilities in f(x) Builder have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is f(x) Builder compatible with WordPress 4.8.28?

According to WordPress.org data, f(x) Builder 1.0.2 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is f(x) Builder updated?

f(x) Builder was last updated on Aug 13, 2017. Frequent updates are generally a positive security signal.

What is f(x) Builder's security score?

f(x) Builder has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

f(x) Builder Security & Risk Analysis

wordpress.org/plugins/fx-builder

A simple page builder plugin. The one you can actually use.

30 active installs v1.0.2 PHP + WP 4.5+ Updated Aug 13, 2017

betadrag-and-droppage-builder

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is f(x) Builder Safe to Use in 2026?

Generally Safe

Score 85/100

f(x) Builder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The fx-builder plugin version 1.0.2 exhibits a generally good security posture based on the provided static analysis. It demonstrates adherence to secure coding practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks on all identified entry points (AJAX handlers). The absence of dangerous functions, file operations, and external HTTP requests further contributes to its security. The low percentage of unescaped output is a minor concern but not a critical one given the overall context.

The taint analysis revealed no critical or high-severity flows, indicating no readily identifiable pathways for data manipulation or code execution through unsanitized inputs. The vulnerability history is also clean, with no recorded CVEs. This suggests that, at least in its history, the plugin has not been a source of significant security flaws. While the plugin performs well in these areas, the slightly lower percentage of properly escaped output warrants attention as a potential, albeit minor, area for improvement to further harden the plugin against cross-site scripting vulnerabilities.

In conclusion, fx-builder v1.0.2 appears to be a relatively secure plugin with a strong foundation in secure coding principles. The absence of critical vulnerabilities in both static analysis and historical data is a significant positive. The primary area for improvement lies in addressing the unescaped output, though the current rate is not alarmingly high. Overall, the risk associated with this plugin is assessed as low.

Key Concerns

Less than 100% of outputs are properly escaped

Vulnerabilities

None known

f(x) Builder Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

f(x) Builder Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

71 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

77% escaped92 total outputs

Attack Surface

f(x) Builder Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_fxb_export_to_jsonincludes\builder\tools.php:34

authwp_ajax_fxb_import_dataincludes\builder\tools.php:35

WordPress Hooks 26

actionplugins_loadedfx-builder.php:34

actionadmin_headincludes\builder\builder.php:30

actionedit_form_after_editorincludes\builder\builder.php:33

actionsave_postincludes\builder\builder.php:36

actionadmin_enqueue_scriptsincludes\builder\builder.php:39

actionsave_postincludes\builder\builder.php:266

actionfxb_switcher_navincludes\builder\custom-css.php:28

actionsave_postincludes\builder\custom-css.php:31

actionadmin_enqueue_scriptsincludes\builder\custom-css.php:34

actionwp_headincludes\builder\custom-css.php:37

filterthe_contentincludes\builder\front.php:27

actionwp_enqueue_scriptsincludes\builder\front.php:30

filterpost_classincludes\builder\front.php:33

filterthe_contentincludes\builder\front.php:56

actionsave_postincludes\builder\revisions.php:27

actionwp_restore_post_revisionincludes\builder\revisions.php:30

actionadmin_headincludes\builder\switcher.php:29

actionedit_form_after_titleincludes\builder\switcher.php:32

actionadmin_enqueue_scriptsincludes\builder\switcher.php:35

actionfxb_switcher_navincludes\builder\tools.php:28

actionadmin_enqueue_scriptsincludes\builder\tools.php:31

actionadmin_menuincludes\settings\settings.php:33

actionadmin_initincludes\settings\settings.php:36

actioninitincludes\settings\settings.php:39

actionadmin_noticeslibrary\system-requirement.php:34

actionadmin_noticeslibrary\welcome-notice.php:31

Maintenance & Trust

f(x) Builder Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedAug 13, 2017

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings5

Active installs30

Alternatives

f(x) Builder Alternatives

Elementor Website Builder – More Than Just a Page Builder

elementor

The Elementor Website Builder has it all: drag and drop page builder, pixel perfect design, mobile responsive editing, and more. Get started now!

10.0M 45 CVEs

Page Builder by SiteOrigin

siteorigin-panels

Build responsive page layouts using the widgets you know and love using this simple drag and drop page builder.

500K 8 CVEs

Page Builder: Pagelayer – Drag and Drop website builder

pagelayer

The most advanced frontend drag & drop page builder. Pagelayer is a light weight but extremely powerful Website Builder.

400K 25 CVEs

Beaver Builder Page Builder – Drag and Drop Website Builder

beaver-builder-lite-version

The Professional's Choice for Drag & Drop WordPress Page Building. Fast, Reliable, and Trusted since 2014.

100K 31 CVEs

Colibri Page Builder

colibri-page-builder

Colibri Page Builder adds drag and drop page builder functionality to the ColibriWP theme.

90K 18 CVEs

Developer Profile

f(x) Builder Developer Profile

David Chandra Purnama

12 plugins · 2K total installs

trust score

Avg Security Score

83/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect f(x) Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fx-builder/includes/builder/assets/css/build.css/wp-content/plugins/fx-builder/includes/builder/assets/js/build.js

Script Paths

/wp-content/plugins/fx-builder/includes/builder/assets/js/build.js

Version Parameters

fx-builder/includes/builder/assets/css/build.css?ver=fx-builder/includes/builder/assets/js/build.js?ver=

HTML / DOM Fingerprints

CSS Classes

fxb-wrapperfxb-modal-overlayfxbfxb-editor-wrapfxb-settings-wrapfxb-rowfxb-colfxb-col-content+2 more

HTML Comments

Data Attributes

data-iddata-col_indexautocompletedata-target

JS Globals

fxb_admin_colorFX_BUILDER_URIFX_BUILDER_PATHFX_BUILDER_FILEFX_BUILDER_PLUGINFX_BUILDER_VERSION+1 more

Shortcode Output

<input type="hidden" name="_fxb_row_ids" value="

FAQ